Hey all - silly question: Is it possible to use some sort of "wildcard" character for directory names?
I ask because I've thought about using directories with "blank" names for security purposes, as an a user outside the server is incapable of viewing the folder... as the url would technically be "http://www.website.com/dir//file.ext" (which I think is rather sneaky).
So... yay or nay?
05-03-2009, 01:43 AM
How exactly are you going to create unamed folders? :cool:
05-03-2009, 01:49 AM
Concerning programming style, sneakiness is not at all a desired property.
You should use .htaccess to block outside access to folders.
Re: hthought - WinXP can create blank folders by using copy/paste during a rename using particular unicode characters; Windows won't paste the character.. but instead renames the folder as having no name.
I've done tests, and these folders work fine on all Linux, Mac, and Windows... oddly enough :)
And.. re: venegal - This is for a homebrew plug-n-play CMS (you just drop it on a PHP5 server and run it... and it works.) - So no htaccess is "allowed" for this one :(
That being said - Any suggestions? :)
05-03-2009, 12:37 PM
Why would .htaccess not be allowed? You just drop it on the server and it works too.
Only because it's possible that someone might also have an .htaccess file on their server already :)
I'm just trying to make this as idiot-proof as possible :P
So far, though, PHP doesn't seem to be able to decipher any invisible characters :'(
05-03-2009, 06:55 PM
But there already being an .htaccess file somewhere on the server poses no problem -- yours would just be sitting around in your own restricted folder, not caring about what all those other .htaccess files out there are doing. I implore you, forget about your blank directory name security solution.